Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/crypto/external/bsd/openssl resolve conflicts



details:   https://anonhg.NetBSD.org/src/rev/87d8fc680753
branches:  trunk
changeset: 1006675:87d8fc680753
user:      christos <christos%NetBSD.org@localhost>
date:      Thu Jan 23 02:54:53 2020 +0000

description:
resolve conflicts

diffstat:

 crypto/external/bsd/openssl/dist/CHANGES                        |   111 +-
 crypto/external/bsd/openssl/dist/Configure                      |     5 +-
 crypto/external/bsd/openssl/dist/NEWS                           |    19 +-
 crypto/external/bsd/openssl/dist/README                         |     2 +-
 crypto/external/bsd/openssl/dist/apps/ca.c                      |     4 +-
 crypto/external/bsd/openssl/dist/apps/ocsp.c                    |     6 +-
 crypto/external/bsd/openssl/dist/apps/openssl.c                 |     3 +-
 crypto/external/bsd/openssl/dist/apps/req.c                     |    16 +-
 crypto/external/bsd/openssl/dist/apps/s_client.c                |     2 +-
 crypto/external/bsd/openssl/dist/apps/speed.c                   |     2 +-
 crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-586.pl      |  3000 ---------
 crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-x86_64.pl   |  2916 ---------
 crypto/external/bsd/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl |  3239 ----------
 crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c           |    10 +-
 crypto/external/bsd/openssl/dist/crypto/bio/bss_file.c          |    61 +-
 crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl          |     2 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_lcl.h             |     4 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c             |   101 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_rand.c            |     7 +-
 crypto/external/bsd/openssl/dist/crypto/dh/dh_lib.c             |     6 +-
 crypto/external/bsd/openssl/dist/crypto/dsa/dsa_ameth.c         |     4 +-
 crypto/external/bsd/openssl/dist/crypto/dso/dso_dlfcn.c         |     5 +-
 crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c            |    73 +-
 crypto/external/bsd/openssl/dist/crypto/ec/ec_lcl.h             |     4 +-
 crypto/external/bsd/openssl/dist/crypto/ec/ec_lib.c             |   103 +-
 crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c  |     2 +-
 crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c             |    91 +-
 crypto/external/bsd/openssl/dist/crypto/lhash/lhash.c           |     8 +-
 crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c        |    14 +-
 crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c        |   185 +-
 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_err.c           |     4 +-
 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c           |     2 +-
 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_lib.c           |    17 +-
 crypto/external/bsd/openssl/dist/crypto/threads_pthread.c       |    12 +-
 crypto/external/bsd/openssl/dist/crypto/ui/ui_lib.c             |     4 +-
 crypto/external/bsd/openssl/dist/crypto/ui/ui_openssl.c         |     2 +-
 crypto/external/bsd/openssl/dist/crypto/uid.c                   |    18 +-
 crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c         |    12 +-
 crypto/external/bsd/openssl/dist/e_os.h                         |    30 +-
 crypto/external/bsd/openssl/dist/include/internal/refcount.h    |     2 +-
 crypto/external/bsd/openssl/dist/include/internal/tsan_assist.h |     2 +-
 crypto/external/bsd/openssl/dist/ssl/s3_lib.c                   |    14 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c                 |    13 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_lib.c                  |    20 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_locl.h                 |    37 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_sess.c                 |    39 +-
 crypto/external/bsd/openssl/dist/ssl/t1_lib.c                   |   275 +-
 crypto/external/bsd/openssl/dist/test/bntest.c                  |    47 +-
 crypto/external/bsd/openssl/dist/test/dhtest.c                  |    77 +-
 crypto/external/bsd/openssl/dist/test/ectest.c                  |   444 +-
 crypto/external/bsd/openssl/dist/test/enginetest.c              |    19 +-
 crypto/external/bsd/openssl/dist/test/evp_extra_test.c          |     2 +-
 crypto/external/bsd/openssl/dist/test/evp_test.c                |    34 +-
 crypto/external/bsd/openssl/dist/test/testutil/driver.c         |    26 +-
 crypto/external/bsd/openssl/dist/util/mkdef.pl                  |     4 +-
 crypto/external/bsd/openssl/lib/libcrypto/crypto.map            |    23 +-
 crypto/external/bsd/openssl/lib/libssl/ssl.map                  |     7 +-
 57 files changed, 1618 insertions(+), 9573 deletions(-)

diffs (truncated from 12847 to 300 lines):

diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES  Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES  Thu Jan 23 02:54:53 2020 +0000
@@ -7,6 +7,101 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1c and 1.1.1d [10 Sep 2019]
+
+  *) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
+     number generator (RNG). This was intended to include protection in the
+     event of a fork() system call in order to ensure that the parent and child
+     processes did not share the same RNG state. However this protection was not
+     being used in the default case.
+
+     A partial mitigation for this issue is that the output from a high
+     precision timer is mixed into the RNG state so the likelihood of a parent
+     and child process sharing state is significantly reduced.
+
+     If an application already calls OPENSSL_init_crypto() explicitly using
+     OPENSSL_INIT_ATFORK then this problem does not occur at all.
+     (CVE-2019-1549)
+     [Matthias St. Pierre]
+
+  *) For built-in EC curves, ensure an EC_GROUP built from the curve name is
+     used even when parsing explicit parameters, when loading a serialized key
+     or calling `EC_GROUP_new_from_ecpkparameters()`/
+     `EC_GROUP_new_from_ecparameters()`.
+     This prevents bypass of security hardening and performance gains,
+     especially for curves with specialized EC_METHODs.
+     By default, if a key encoded with explicit parameters is loaded and later
+     serialized, the output is still encoded with explicit parameters, even if
+     internally a "named" EC_GROUP is used for computation.
+     [Nicola Tuveri]
+
+  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
+     this change, EC_GROUP_set_generator would accept order and/or cofactor as
+     NULL. After this change, only the cofactor parameter can be NULL. It also
+     does some minimal sanity checks on the passed order.
+     (CVE-2019-1547)
+     [Billy Bob Brumley]
+
+  *) Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
+     An attack is simple, if the first CMS_recipientInfo is valid but the
+     second CMS_recipientInfo is chosen ciphertext. If the second
+     recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
+     encryption key will be replaced by garbage, and the message cannot be
+     decoded, but if the RSA decryption fails, the correct encryption key is
+     used and the recipient will not notice the attack.
+     As a work around for this potential attack the length of the decrypted
+     key must be equal to the cipher default key length, in case the
+     certifiate is not given and all recipientInfo are tried out.
+     The old behaviour can be re-enabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag.
+     (CVE-2019-1563)
+     [Bernd Edlinger]
+
+  *) Early start up entropy quality from the DEVRANDOM seed source has been
+     improved for older Linux systems.  The RAND subsystem will wait for
+     /dev/random to be producing output before seeding from /dev/urandom.
+     The seeded state is stored for future library initialisations using
+     a system global shared memory segment.  The shared memory identifier
+     can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to
+     the desired value.  The default identifier is 114.
+     [Paul Dale]
+
+  *) Correct the extended master secret constant on EBCDIC systems. Without this
+     fix TLS connections between an EBCDIC system and a non-EBCDIC system that
+     negotiate EMS will fail. Unfortunately this also means that TLS connections
+     between EBCDIC systems with this fix, and EBCDIC systems without this
+     fix will fail if they negotiate EMS.
+     [Matt Caswell]
+
+  *) Use Windows installation paths in the mingw builds
+
+     Mingw isn't a POSIX environment per se, which means that Windows
+     paths should be used for installation.
+     (CVE-2019-1552)
+     [Richard Levitte]
+
+  *) Changed DH_check to accept parameters with order q and 2q subgroups.
+     With order 2q subgroups the bit 0 of the private key is not secret
+     but DH_generate_key works around that by clearing bit 0 of the
+     private key for those. This avoids leaking bit 0 of the private key.
+     [Bernd Edlinger]
+
+  *) Significantly reduce secure memory usage by the randomness pools.
+     [Paul Dale]
+
+  *) Revert the DEVRANDOM_WAIT feature for Linux systems
+
+     The DEVRANDOM_WAIT feature added a select() call to wait for the
+     /dev/random device to become readable before reading from the
+     /dev/urandom device.
+
+     It turned out that this change had negative side effects on
+     performance which were not acceptable. After some discussion it
+     was decided to revert this feature and leave it up to the OS
+     resp. the platform maintainer to ensure a proper initialization
+     during early boot time.
+     [Matthias St. Pierre]
+
  Changes between 1.1.1b and 1.1.1c [28 May 2019]
 
   *) Add build tests for C++.  These are generated files that only do one
@@ -75,6 +170,16 @@
      (CVE-2019-1543)
      [Matt Caswell]
 
+  *) Add DEVRANDOM_WAIT feature for Linux systems
+
+     On older Linux systems where the getrandom() system call is not available,
+     OpenSSL normally uses the /dev/urandom device for seeding its CSPRNG.
+     Contrary to getrandom(), the /dev/urandom device will not block during
+     early boot when the kernel CSPRNG has not been seeded yet.
+
+     To mitigate this known weakness, use select() to wait for /dev/random to
+     become readable before reading from /dev/urandom.
+
   *) Ensure that SM2 only uses SM3 as digest algorithm
      [Paul Yang]
 
@@ -322,7 +427,7 @@
         SSL_set_ciphersuites()
      [Matt Caswell]
 
-  *) Memory allocation failures consistenly add an error to the error
+  *) Memory allocation failures consistently add an error to the error
      stack.
      [Rich Salz]
 
@@ -6860,7 +6965,7 @@
      reason texts, thereby removing some of the footprint that may not
      be interesting if those errors aren't displayed anyway.
 
-     NOTE: it's still possible for any application or module to have it's
+     NOTE: it's still possible for any application or module to have its
      own set of error texts inserted.  The routines are there, just not
      used by default when no-err is given.
      [Richard Levitte]
@@ -8826,7 +8931,7 @@
  Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]
 
   *) New function OPENSSL_cleanse(), which is used to cleanse a section of
-     memory from it's contents.  This is done with a counter that will
+     memory from its contents.  This is done with a counter that will
      place alternating values in each byte.  This can be used to solve
      two issues: 1) the removal of calls to memset() by highly optimizing
      compilers, and 2) cleansing with other values than 0, since those can
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/Configure
--- a/crypto/external/bsd/openssl/dist/Configure        Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/Configure        Thu Jan 23 02:54:53 2020 +0000
@@ -87,9 +87,6 @@
 #               linked openssl executable has rather debugging value than
 #               production quality.
 #
-# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
-#               provided to stack calls. Generates unique stack functions for
-#               each possible stack type.
 # BN_LLONG      use the type 'long long' in crypto/bn/bn.h
 # RC4_CHAR      use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
 # Following are set automatically by this script
@@ -145,13 +142,13 @@
 #       -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc
 #       -Wextended-offsetof -- no, needed in CMS ASN1 code
 my @clang_devteam_warn = qw(
+    -Wno-unknown-warning-option
     -Wswitch-default
     -Wno-parentheses-equality
     -Wno-language-extension-token
     -Wno-extended-offsetof
     -Wconditional-uninitialized
     -Wincompatible-pointer-types-discards-qualifiers
-    -Wno-unknown-warning-option
     -Wmissing-variable-declarations
 );
 
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/NEWS
--- a/crypto/external/bsd/openssl/dist/NEWS     Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/NEWS     Thu Jan 23 02:54:53 2020 +0000
@@ -5,6 +5,23 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
+
+      o Fixed a fork protection issue (CVE-2019-1549)
+      o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
+        (CVE-2019-1563)
+      o For built-in EC curves, ensure an EC_GROUP built from the curve name is
+        used even when parsing explicit parameters
+      o Compute ECC cofactors if not provided during EC_GROUP construction
+        (CVE-2019-1547)
+      o Early start up entropy quality from the DEVRANDOM seed source has been
+        improved for older Linux systems
+      o Correct the extended master secret constant on EBCDIC systems
+      o Use Windows installation paths in the mingw builds (CVE-2019-1552)
+      o Changed DH_check to accept parameters with order q and 2q subgroups
+      o Significantly reduce secure memory usage by the randomness pools
+      o Revert the DEVRANDOM_WAIT feature for Linux systems
+
   Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019]
 
       o Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543)
@@ -601,7 +618,7 @@
 
   Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
 
-      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
+      o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build.
 
   Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
 
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/README
--- a/crypto/external/bsd/openssl/dist/README   Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/README   Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.1c 28 May 2019
+ OpenSSL 1.1.1d 10 Sep 2019
 
  Copyright (c) 1998-2019 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/apps/ca.c
--- a/crypto/external/bsd/openssl/dist/apps/ca.c        Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/ca.c        Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -722,7 +722,7 @@
 
     /*****************************************************************/
     if (req || gencrl) {
-        if (spkac_file != NULL) {
+        if (spkac_file != NULL && outfile != NULL) {
             output_der = 1;
             batch = 1;
         }
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/apps/ocsp.c
--- a/crypto/external/bsd/openssl/dist/apps/ocsp.c      Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/ocsp.c      Thu Jan 23 02:54:53 2020 +0000
@@ -1416,9 +1416,11 @@
         *q = '\0';
 
         /*
-         * Skip "GET / HTTP..." requests often used by load-balancers
+         * Skip "GET / HTTP..." requests often used by load-balancers.  Note:
+         * 'p' was incremented above to point to the first byte *after* the
+         * leading slash, so with 'GET / ' it is now an empty string.
          */
-        if (p[1] == '\0')
+        if (p[0] == '\0')
             goto out;
 
         len = urldecode(p);
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/apps/openssl.c
--- a/crypto/external/bsd/openssl/dist/apps/openssl.c   Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/openssl.c   Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -22,7 +22,6 @@
 # include <openssl/engine.h>
 #endif
 #include <openssl/err.h>
-#include "s_apps.h"
 /* Needed to get the other O_xxx flags. */
 #ifdef OPENSSL_SYS_VMS
 # include <unixio.h>
diff -r 7dbfd84db6c4 -r 87d8fc680753 crypto/external/bsd/openssl/dist/apps/req.c
--- a/crypto/external/bsd/openssl/dist/apps/req.c       Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/req.c       Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -881,9 +881,19 @@
 
     if (text) {
         if (x509)
-            X509_print_ex(out, x509ss, get_nameopt(), reqflag);
+            ret = X509_print_ex(out, x509ss, get_nameopt(), reqflag);
         else
-            X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+            ret = X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+
+        if (ret == 0) {
+            if (x509)
+              BIO_printf(bio_err, "Error printing certificate\n");



Home | Main Index | Thread Index | Old Index